Global articles on espionage, spying, bugs, and other interesting topics.

Keep abreast of the espionage threats facing your organisation.

Trading With The Enemy: Sino-American Cyber-Espionage

China has over 400 million internet users, more than any other nation. This exponentially increasing population of Chinese netizens entering the global internet community has not come without serious negative externalities. Over the past decade, there has been a marked increase in cyber-espionage and hacking coming from Mainland China. Espionage is not new, even between close allies such as the United States and Israel, but the unusually high frequency and intensity of Chinese cyber-spying from both state and non-state actors is causing great concern.

Besides the traditional attacks on security institutions, Chinese hackers have placed a new focus on private business. For example, over the last several months, network security experts have noticed that Facebook internet traffic has been purposely routed through China.

“It’s real. It is happening. It can’t be described as an ‘accident’ anymore,” Joffe [Rodney Joffe, senior technologist at DNS (Domain Name System) registry Neustar], who observed similar traffic snafus involving China last year, said in an e-mail to CNET today.

Although Beijing is notorious for draconian internet censorship, having invested inordinate resources in a 30-50,000 man-strong internet shield, known as the Golden Shield (金盾工程: jīndùn gōngchéng), the new focus is on offensive international attacks and data gathering raids. In the case of Facebook, analysts are concerned that China is spying on foreign users in order to lift session ID information, personal information, e-mails, photos, and chat conversations, all in order to lift proprietary information, as well as monitor human rights activism.

The issue of Intellectual Property theft has become a palpable one. Western economies, especially the U.S., have become knowledge-based service economies, where first mover advantage and property right protections are essential to long term economic growth. The technological advantages the U.S. has enjoyed since the end of the Second World War have been depreciating much faster over the last 10-15 years, especially in relation to the Pacific Rim. Due to the ease of information transfer, technical capital is being distributed far more quickly than in the past. Any developed nation, including the U.S., that wants to maintain its economic edge must address these increasing cyber security threats.

The infamous “Google E-mail Hacks” of 2010 are a case in point. Google openly implicated China in an e-mail hacking scandal, but this situation is actually not uncommon; it is just that Google went public and garnered significant media attention due to its status. Over 34 other companies, tech and defense firms, are also thought to have been targets for corporate espionage by government and non-government actors from China. Companies doing direct business with “Chinese partners” usually come under attack immediately. The real numbers are astounding, as reported in the press:

A study released by computer-security firm McAfee and government consulting company SAIC on March 28 shows that more than half of some 1,000 companies in the United States, Britain and other countries decided not to investigate a computer-security breach because of the cost. One in 10 companies will only report a security breach when legally obliged to do so, according to the study.

Further, WikiLeaks revealed:

“Since 2002, (U.S. government) organizations have been targeted with social-engineering online attacks” which succeeded in “gaining access to hundreds of (U.S. government) and cleared defense contractor systems,” the cable said. The emails were aimed at the U.S. Army, the Departments of Defense, State and Energy, other government entities and commercial companies…Between April and October 2008, hackers successfully stole “50 megabytes of email messages and attached documents, as well as a complete list of usernames and passwords from an unspecified (U.S. government) agency,” the cable says.

In a private meeting of U.S., German, French, British and Dutch officials held at Ramstein Air Base in September 2008, German officials said such computer attacks targeted every corner of the German market, including “the military, the economy, science and technology, commercial interests, and research and development,” and increase “before major negotiations involving German and Chinese interests,” according to a cable from that year…French officials said at the meeting that they “believed Chinese actors had gained access to the computers of several high-level French officials, activating microphones and Web cameras for the purpose of eavesdropping,” the cable said.

In mid-2009, representatives of the China Institutes for Contemporary International Relations, a nominally-independent research group affiliated with China’s Ministry of State Security, contacted James A. Lewis, a former U.S. diplomat now with the Center for Strategic and International Studies. The U.S. government is using Mr. Lewis as a proxy; there have been 3 formal meetings between him and his Chinese counterparts, but no progress has been made.

Various groups in China know that innovation, like natural resources, is key to keeping the economy growing, which in turn will keep the communist party and its hangers-on in the business elite in power. It appears China will innovate “by hook or by crook”. The easiest and most cost effective way to innovate is to steal. Corporate espionage can be quite profitable:

Business Software Alliance, an international software industry group, estimates that 79% of the software sold in China in 2009 was illegally copied, creating a loss to the industry of US$7.6 billion in revenue. Even more important to Beijing, these statistics mean the vast majority of Chinese computer systems – government and private alike – remain vulnerable to malware.

Malware is important to the Chinese government, because China claims it has also been the victim of numerous cyber attacks, and therein lies “the rub”.

As Minister of Public Security Meng Jianzhu said in December 2009, “The Internet has become a major vehicle through which anti-Chinese forces are perpetuating their work of infiltration and sabotage and magnifying their ability to disrupt the socialist order”.

Let’s get a translation of what Mr. Meng is really saying. Shall we?

China is no doubt facing a paradox as it tries to manipulate and confront the growing capabilities of Internet users. Recent arrests of Chinese hackers and People’s Liberation Army (PLA) pronouncements suggest that China fears that its own computer experts, nationalist hackers and social media could turn against the government.

And it seems as if China has a lot of disgruntled netizens. Are “chickens coming home to roost”?

In June 2010, the State Council Information Office published a white paper on the growing threat of cyber-crime and how to combat it. Clearly, these challenges have been addressed this year. The Ministry of Public Security (MPS) announced on November 30 that it had arrested 460 suspected hackers thought to have been involved in 180 cases so far in 2010. This is part of the MPS’ usual end-of-year announcement of statistics to promote its success. But the MPS announcement also said that cyber-crime had increased 80% this year and seemed to blame the attacks only on hackers inside China…

These new efforts all contradict China’s long-standing policy of cultivating a population of nationalistic computer users. This effort has been useful to Beijing when it sees a need to cause disruption, whether by attacking US sites after perceived affronts like the Chinese Embassy bombing in Belgrade or preventing access by powerful foreign entities like Google.

Domestic hackers turning on the CCP is such a concern that the People’s Liberation Army (PLA) has two military units dedicated to this issue, the Seventh Bureau of the Military Intelligence Department (MID) and the Third Department of the PLA. The MID is the offensive arm (or terrorist/spy wing, depending on how you want to see things). The Third Department is focused on national defense. Still, do not expect China to take serious measures to halt cyber attacks emanating from the Mainland; instead, expect China to crack down on non-government aligned hackers who may pose a threat to the CCP (Chinese Communist Party).

Sino-American mutual suspicions are all the rage these days. Much less discussed in the Western media, though it has been on this blog, is China’s love/hate relationship with Russia. The next installment of this series will look at how increased trade is not necessarily bringing the two Eurasian giants closer together.


China’s espionage in Chile raised U.S. worry

A newly released State Department cable reveals Chinese intelligence-gathering efforts in Chile and U.S. concerns that Beijing’s growing ties to the Chilean military will compromise U.S. defense secrets shared with the South American nation’s armed forces.

“Sources have told the [U.S.] Embassy [in Santiago] that Chile’s close military ties with the United States are of great interest to the Chinese,” said the Aug. 29, 2005, cable, labeled “secret.”

“There is concern that the Chinese could be using Chilean officers and access to the Army training school to learn more about joint programs, priorities and techniques that the Chileans have developed with their U.S. counterparts.”

The cable said U.S. officials based in Chile worked with their Chilean counterparts to “sensitize them to the security and intelligence threats emanating from China.”

The cable, which was released by the anti-secrecy website WikiLeaks, is a rare disclosure of U.S. government concerns about Chinese intelligence-gathering, a problem highlighted by numerous U.S. espionage-related cases and technology-theft prosecutions over the past five years.

**FILE** President Obama walks with the Chilean Foreign Affairs Minister Alfredo Moreno (center right) and Gen. Marcos Gonzalez (center left) upon his arrival in Santiago, Chile, on March 21. (Associated Press)

The cable said Chinese intelligence and security organizations will step up spying in the key South American state as its business interests grow.

A key worry is that as a result of closer U.S. military cooperation with the Chilean military, “Chinese interest in [U.S. government] activities in the Southern Cone will most assuredly increase,” said the cable.

“The Chinese will likely attempt to learn more about U.S. military strategies and techniques via Chilean participation in bilateral training programs and joint exercises.”

Emilia Edwards, a spokeswoman for the Chilean Embassy in Washington, had no immediate comment.

Jamie Smith, a spokeswoman for Director of National Intelligence James R. Clapper, declined to comment. A Pentagon spokesman had no immediate comment.


Renault fires execs on espionage scandal

RENAULT says its number two executive will be demoted while three others will be sacked in the wake of an industrial espionage fiasco at the French car-maker’s electric vehicles program.

Patrick Pelata’s offer to resign as chief operating officer was accepted but he will stay within the company, the firm said in a statement, adding that three executives from the group’s security service will leave.

Three other top executives will be relieved of their duties while their fate is decided, it said.

The announcement came after an extraordinary board meeting at Renault to study an audit committee’s report on the scandal that saw three senior executives wrongfully accused of selling industrial secrets.

The meeting also agreed on a deal to compensate the executives falsely accused, Renault said.

The French Government, which owns 15 per cent of Renault, had said yesterday the executives responsible for the embarrassing debacle should be sacked.

Finance Minister Christine Lagarde said the audit report showed the company’s management style was “dysfunctional” and revealed the need for both a “revision of the governance rules and for sanctions”.

Chief executive Carlos Ghosn went on prime-time television last month to apologise “personally and in Renault’s name” for the affair, but said he had turned down an offer by Pelata to resign.

Mr Ghosn said he and Pelata would forgo their 2010 bonuses and Renault would review its security procedures and take disciplinary measures against three implicated security employees.

The French car giant in January sacked Michel Balthazard, Bertrand Rochette, and Matthieu Tenenbaum after accusing them of accepting bribes in return for leaking secrets about Renault’s electric vehicle program.

The Government branded the affair “economic warfare” and some pointed the finger at China, drawing an angry denial from Beijing.

But in March the firm apologised to the managers after it emerged police had found no trace of bank accounts the accused men were alleged to have held and that the source of the spying allegations may have been a fraudster.

Investigators later questioned three Renault security managers and one was placed under formal investigation on suspicion of organised fraud.

Renault and its Japanese partner Nissan have staked their future on electric vehicles and plan to launch several models by 2014 to meet rapidly rising demand for more environmentally friendly methods of transport.

They have invested €4 billion ($5.48 billion) in the program.

Nissan and Renault joined forces in 1999. Renault currently owns a 44.3 per cent stake in its Japanese partner, while Nissan holds 15 per cent of the French auto maker’s shares.


Roger Ailes Now Apparently Bugging His Personal Newspaper Staff

Resurrecting a sleepy small-town newspaper is a tough job. But it’s even tougher when Fox News chairman Roger Ailes uses the News Corp. security detail to spy on you. According to Gawker’s John Cook and Hamilton Nolan, Ailes has been doing just that to his staffers at the Putnam County News and Recorder, one of two small Hudson Valley-area newspapers owned by Ailes and his wife Elizabeth, near where they planned to retire. Cook and Nolan write “more than 10 full-time and freelance staffers have left the Ailes’ Putnam County papers in the last 10 months,” including former News and Recorder staffer Joe Lindsley, a former Weekly Standard editorial assistant brought in personally by Ailes to turn the paper around. After Lindsley quit in January, he was driving to get lunch when he noticed a black Navigator following him. Suspicious, he eventually “got a look at the driver, who was a News Corporation security staffer that Lindsley happened to know socially. Lindsley continued on his way and later called the driver to ask if he was following him. The answer was yes, at Ailes’ direction.”

In addition to the car incident, there were other indications the Aileses were tracking the movements of their staffers. In March, Roger Ailes “confronted the three staffers and accused them of badmouthing him and Elizabeth during their lunch breaks” and multiple staffers told Gawker they had “reason to suspect that their e-mail was being read and that rooms in the News and Recorder offices were bugged.”

As if that wasn’t weird enough, try this on for size: per Cook and Nolan’s piece, the Aileses’ redesigned layout of the “single unisex bathroom in the papers’ headquarters features portraits of Elizabeth and Roger on the walls, watching you, while you poop.”


Mobiles fall prey to hack attacks



Security researchers demonstrate the vulnerability of the GSM system. Mark Ward and his BBC colleagues agreed to have their calls monitored

Stroll around a park making or receiving mobile phone calls and it is hard to believe that anyone could be listening in.

Who could possibly eavesdrop on your modern, digitally encrypted handset?

It should take the kind of technology and resources only available to the security services.

Yet two men wearing hoodie tops have managed to crack the system.

Karsten Nohl and Sylvain Munaut don’t look like secret agents, sitting behind their fold-out table next to a pile of old Motorola phones.

But these two security researchers have discovered a cheap, relatively simple way of intercepting mobile calls.

“We have been looking at GSM technology for a while and we find it to be pretty much outdated in every aspect of security and privacy,” said Mr Nohl.

The Global System for Mobile Communications (GSM) is the dominant cellular phone technology, used in billions of handsets around the world.

Large parts of it were developed in the 1980s and it is now vulnerable to 21st century hackers.

Future attack

Mobile calls normally remain private thanks to digital encryption and because base stations rapidly change the way they identify a particular handset.

Karsten and Sylvain managed to reverse engineer the mathematical algorithm behind the encryption process, and use it to decode voice calls.

[Image: old mobile phone (BBC). Caption: Old mobile technology is proving vulnerable to powerful computers and cheap storage]

The tools of their trade are a laptop and a particular model of Motorola phone whose base operating system, or “firmware”, had previously been pulled apart and its details posted online.

Programmers used that information to create their own customised software, capable of displaying hidden technical information on mobile phone base stations.

The pair set up a demonstration for the BBC, in which they showed how to locate a handset, track its movements from a distance of more than 500m and steal copies of all the calls made on it.

Karsten and Sylvain say they do not plan to release their eavesdropping tools, but warned that it was only a matter of time before someone else re-created them.

That could lead to vandals, criminals and snoopers going on “war drives” – travelling around scooping up interesting conversations.

Such a situation is reminiscent of the early days of analogue mobile phones, when anyone with a radio scanner could listen in on calls.

“It’s a real concern,” said Oliver Crofton, director of Vigilante Bespoke which provides security services to high value individuals including sports stars, celebrities and chief executives.

“It will not take long for someone else to invest time and effort in this,” he said.

Vigilante Bespoke’s own experiences showed that there was already an interest in getting at the phones of the famous and powerful.

About 25% of the handsets analysed by the company are found to contain software or hardware modifications capable of reporting a phone’s location, texts and contacts, said Mr Crofton.

“We’re not talking about teenagers in a bedroom,” he said. “It’s organised crime, malicious journalists and blackmailers.”

Find and fix

The GSM Association (GSMA) said that the weaknesses found by Karsten and Sylvain related to older technologies. However, it conceded that those were still used in networks around the world.

Charles Brookson, chair of the GSMA’s security group for the past two decades, explained that when the first and second generation mobile standards were created, no-one expected them to be in use 20 years later.

“We knew that as the technology aged there was going to be more loopholes in it,” he said.

Those pioneering designers, of which he was one, also had to respect strict controls on the type and strength of encryption they could use.

“It was as strong as we could make it,” said Mr Brookson.

The GSMA was advising its 750 operator members to improve security on networks as they were upgraded, he explained.

It had also added functions that let people spot if they are connecting to a fake base station.

Despite the remaining weaknesses, Mr Brookson said he doubted that others could easily copy Karsten and Sylvain’s hack.

“Yes, the attacks are feasible but they are not exactly the sort of thing that the average person will be doing,” he said.

His view is shared by telecoms analyst Nigel Stanley who has been carrying out his own tests on mobile security.

[Image: press photographers (Getty). Caption: The handsets of celebrities and sports stars are already being targeted by phone hackers]

“It is relatively easy to set this up in a laboratory environment where you have controlled access to the technology,” he said.

“The issue might be if people are out and about driving in the street maybe hoping to intercept people in a real-time live environment,” he added. “I think it might be just a bit more difficult.”

He pointed out that the growing focus on mobile security by researchers and criminals was leading mobile providers to take action.

“Operators have reputational risks and they do not want to be associated with running an insecure network,” he said.

Those worried about mobile security can, if they have the right phone, force it to only use third-generation networks that use much stronger encryption.

Mobile owners can also opt for add-on software that encrypts calls to prevent eavesdropping.

Such applications are widely available for smartphones and include Redphone and Kryptos.

“The work that’s been undertaken out there in the community looking at security algorithms and technologies is actually very good,” said Mr Stanley.

“It does inform the network operators and the associations and helps them put in place a more secure infrastructure.”